[Python-Dev] Re: Capabilities
Guido van Rossum
Sat, 08 Mar 2003 08:29:58 -0500
> What I am trying to nail down is exactly what needs doing to get us
> from where we are now to where capabilities actually work. As I
> understand it, what is needed is:
> a) Fix restricted execution, which is in a state of disrepair
> b) Override import, open (and other stuff? what?)
Don't worry about this; it's taken care of by the rexec module; each
application will probably want to do this a little differently
(certainly Zope has its own way).
> c) Wrap or replace some of the existing libraries, certify that others
> are "safe"
This should only be necessary for (core and 3rd party) extension
modules. The rexec module has a framework for this.
> It looks to me like a and b are shared with proxies, and c would be
> different, by definition. Is there anything else? Am I on the wrong track?
I don't know why you think (c) is different.
> I am going to write this all up into a document which can be used as a
> starting point for work to complete this.
--Guido van Rossum (home page: http://www.python.org/~guido/)